[FFmpeg-devel] [PATCH v2] configure: Clearer documentation for "disable-safe-bitstream-reader"
Timo Rothenpieler
timo at rothenpieler.org
Sat Apr 12 03:19:08 EEST 2025
On 12.04.2025 02:11, Michael Niedermayer wrote:
> On Fri, Apr 11, 2025 at 08:32:55AM +0200, Andreas Rheinhardt wrote:
>> Michael Niedermayer:
>>> Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
>>> ---
>>> configure | 3 ++-
>>> 1 file changed, 2 insertions(+), 1 deletion(-)
>>>
>>> diff --git a/configure b/configure
>>> index bd4f8723760..f1db8b6f235 100755
>>> --- a/configure
>>> +++ b/configure
>>> @@ -436,7 +436,8 @@ Advanced options (experts only):
>>> --enable-hardcoded-tables use hardcoded tables instead of runtime generation
>>> --disable-safe-bitstream-reader
>>> disable buffer boundary checking in bitreaders
>>> - (faster, but may crash)
>>> + (This disables some security checks and can cause undefined behavior,
>>> + it may be faster, but should only be used with trusted input)
>>> --sws-max-filter-size=N the max filter size swscale uses [$sws_max_filter_size_default]
>>>
>>> Optimization options (experts only):
>>
>> I'd like to keep "crash" in the description. Not everyone (not even
>> people setting "experts only" options) will be familiar with the term
>> "undefined behavior".
>
> what about:
>
> (This disables some security checks and can cause undefined behavior and
> crashes, it may be faster, but should only be used with trusted input)
Given that the undefined behaviour can in theory even include arbitrary
code execution, I'd probably make it even harsher and mention that
worst-case being a possibility.
More information about the ffmpeg-devel
mailing list